Loading...
 

Score

Option Description Default
Score Score is a game to motivate participants to increase their contribution by comparing to other users. Disabled
Score expiry 0 days


Search - Federated search

Option Description Default
Federated search Search through alternate site indices.
Elasticsearch or Manticore Search is required
Disabled
Elasticsearch tribe node URL URL of the tribe client node accessing multiple clusters. None
Manticore distributed index prefix The prefix used when creating distributed index in Manticore. This needs to be the same for all sites participating in the federation. Tiki_


Search - General settings

Option Description Default
Unified search index Enables searching for content at the site using a Tiki-managed index.
It's recommended to set a cron job to periodically rebuild the search index.
Enabled
Search statistics Enables administrators to collect and view statistics on search activity. Disabled
Users available in search results Users available within search results. Content related to the user will be included in the index.
None | All | Public
None
Incremental Index Update Update the index incrementally as the site content is modified.
This may lead to lower performance and accuracy than processing the index on a periodic basis.
Enabled
Search index rebuild memory limit Temporarily adjust the memory limit to use during Search index rebuild. Depending on the volume of data, some large operations require more memory. Increasing it locally, per operation, allows to keep a lower memory limit globally. Keep in mind that memory usage is still limited to what is available on the server.
for example: 256M
None
Search index rebuild time limit Temporarily adjust the time limit to use during Search index rebuild. Depending on the volume of data, some requests may take longer. Increase the time limit locally to resolve the issue. Use reasonable values.
for example: 30
None
Unified search engine Search engine used to index the content of this Tiki site. Some engines are more suitable for larger sites, but require additional software on the server.
MySQL full-text search | Elasticsearch | Manticore Search
MySQL full-text search
Elasticsearch URL URL of any node in the cluster http://localhost:9200
Elasticsearch Authentication When Elasticsearch security module is enabled, user authentication can be set up here.
No Authentication | Basic Authentication
None
Elasticsearch User HTTP basic authentication user to be sent with each request to Elasticsearch. None
Elasticsearch Password HTTP basic authentication password to be sent with each request to Elasticsearch. None
Elasticsearch index prefix The prefix that is used for all indexes for this installation in Elasticsearch Tiki_
Elasticsearch current index A new index is created upon rebuilding, and the old one is then destroyed. This setting enables seeing the currently active index.
Do not change this value unless you know what you are doing.
None
Elasticsearch field limit per index The maximum number of fields per search index in Elasticsearch version 5.x and above 1000 fields
Relation types to index within object. Comma-separated relation types for which objects should be indexed in their related objects.
Elasticsearch needed
None
Use MySQL Full-Text Search (fallback) In case of Elasticsearch is active and unavailable, use MySQL Full-Text Search as fallback Disabled
MySQL use short field names Due to frm file constraints, number of search fields that one index can hold is usually limited to about 1500. This can be exceeded if you have numerous tracker fields. Enabling this option will try to shorten the field names internally that should allow you to use 300-500 more fields. Switching this option requires full index rebuild. Disabled
Restore old MySQL indexes during reindex If set, after the reindex is performed, old table MySQL indexes will be restored to the reindex related table. Disabled
Manticore URL URL of the Manticore search server http://127.0.0.1
Manticore HTTP(S) Port Port number for the HTTP(S) interface. 9308
Manticore MySQL Port Port number for the MySQL interface. 9306
Manticore index prefix The prefix that is used for all indexes for this installation in Manticore Tiki_
Manticore current index A new set of indexes are created upon rebuilding, and the old ones are then destroyed. This setting enables seeing the currently active index prefix.
Do not change this value unless you know what you are doing.
None
Morphology processing Advanced morphology preprocessors to apply in the Manticore index, comma-separated. For example libstemmer_en,libstemmer_fr. See Manticore manual for possible values. None
Manticore indexed full-text fields Manticore has a hard-limit of 256 full-text indexed fields per index. If your installation has more, some will be indexed as string attributes and perform the slower regex search. You can add a comma-separated list of fields to always index as full-text here. title,contents
Default Boolean Operator Use OR or AND as the default search operator.
AND | OR
AND
Excluded categories List of category IDs to exclude from the search index None
Excluded plugins List of plugin names to exclude while indexing None
Additional plugins searchable by default List of plugin names that are required to additionnaly include while indexing. Example: fancytable,list,trackerlist,trackerfilter attach, box, code, copyrigh...
Don't index non searchable fields Indexing will skip adding all tracker fields that are not marked as "searchable". This will free index space but also make it impossible to use those fields in search index queries. Disabled
Index forum replies together with initial post Forum replies will be indexed together with the initial post as a single document instead of being indexed separately. Enabled
Tokenize version numbers Tokenize version number strings so that major versions are found when sub-versions are mentioned. For example, searching for 2.7 would return documents containing 2.7.4, but not 1.2.7. Disabled
Tokenize CamelCase words Consider the components of camel-case words as separate tokens, allowing them to be searched individually.
Conflicts with Tokenize Version Numbers.
Disabled
Possessive Stemmer The possessive stemmer removes possessives (trailing "'s") from words before indexing them. Enabled
Field weights Allow the field weights to be set that apply when ranking pages in the search results. The weight is applied only when the field is in the query. To nullify the value of a field, use an insignificant amount, but not 0, which may lead to unexpected behaviors such as stripping of results.
(Add these fields to the "Default content fields" preference below for it to have an effect in a global "content" search)
One field per line, field_name:5.3
title:2.5 allowed_groups:0....
Default content fields All of the content is aggregated in the contents field. For custom weighting to apply, the fields must be included in the query. This option allows other fields to be included in the default content search. contents, title
Cache per user and query for Tiki built-in search Time in minutes a user has a same query cached applied to Tiki built-in search interface only. 0 minutes
Cache result-specific formatted results Formatted search results such as the ones used in the List plugin will be cached to prevent process-intensive reformatting on each page load. The cache is result-specific.
Every different result will generate a separate cache. This could quickly build up a large cache directory. It is recommended to clear Tiki caches often (e.g. once per week) via an automated job if you use this feature.
Disabled
Cache individual search formatters List of search formatters whose output will be cached. This is separate to the result-specific formatted results cache. None
LIST plugin cache default on If selected, LIST plugins will be cached by default unless turned off at plugin level. Disabled
LIST plugin cache default expiry Default number of minutes for LIST plugin cache expiry. 30
Index Tracker Category names Index the names and paths of category field values
Requires reindexing
Enabled
Use unified search in category admin Use unified search to find objects to add to categories. This limits the types of objects available to those included in the unified index. Disabled
Automatically trim Elasticsearch results on date-sorted query Automatically trim Elasticsearch results in unified search if the query is sorted by modification or creation date. Disabled
Show error on missing field When using List plugin to specify certain fields, especially tracker fields, this check helps ensure their names were entered correctly. Enabled
Stop Word List Words excluded from the search index, because they can be too frequent and produce unwanted results.
MySQL full-text search has its own list of stop words configured in the server.
a, an, and, are, as, at, be...
Search index outdated Number of days to consider the search index outdated 2 days
Automatic indexing of file content Uses command line tools to extract the information from the files based on their MIME types. Disabled
Automatic indexing of emails stored as files Parses message/rfc822 types of files (aka eml files) and stores individual email headers and content in search index. Disabled
Asynchronous indexing Enabled
Autocomplete page names Automatically complete page names as the user starts typing. For example the user types the start of the wiki page name “Sear” and Tiki returns “Search”, “Search General Settings”, etc Disabled
Referer search highlighting When a user lands on a Tiki page from a search engine, Tiki highlights the search words they used. Its similar to using Tiki’s search facility. Enabled
File thumbnail preview Have a preview of attachments in search results Disabled
Forum name search When listing forums Disabled
Forum content search When listing forums Enabled
Topic content search Enabled
Unified search for forums and file galleries Enabled


Search - Stored search

Option Description Default
Stored searches Allow users to store search queries. Disabled


Security - General security

Option Description Default
Smarty security Enable/Disable Smarty security. If checked, you can then define allowed and disabled modifiers and tags(functions, blocks and filters) that should be or not accesible to the template.
You should leave this on unless you know what you are doing.
Enabled
Allowed Smarty tags This is a list of allowed tags. It's the list of (registered / autoloaded) function-, block and filter plugins that should be accessible to the template. If empty, no restriction by allowed_tags. This may be needed for custom templates.
Use "," to separate values
There may be security implications. Make sure you know what you are doing.
None
Disabled Smarty tags This is a list of disabled tags. It's the list of (registered / autoloaded) function-, block and filter plugins that may not be accessible to the template. If empty, no restriction by disabled_tags. This may be needed for custom templates.
Use "," to separate values
There may be security implications. Make sure you know what you are doing.
None
Allowed Smarty modifiers This is the list of allowed modifier plugins. It's the array of (registered / autoloaded) modifiers that should be accessible to the template. If this array is non-empty, only the herein listed modifiers may be used. This is a whitelist. If empty, no restriction by allowed_modifiers. This may be needed for custom templates.
Use "," to separate values
There may be security implications. Make sure you know what you are doing.
None
Disabled Smarty modifiers This is a list of disabled modifier plugins. It's the list of (registered / autoloaded) modifiers that may not be accessible to the template. If empty, no restriction by disabled_modifiers. This may be needed for custom templates.
Use "," to separate values
There may be security implications. Make sure you know what you are doing.
None
Extra Smarty directories Make additional directories available as Smarty directories. This may be needed for custom icons (clear temp/cache after changing).
There may be security implications. Make sure you know what you are doing.
None
HTML purifier HTML Purifier is a standards-compliant HTML filter library written in PHP and integrated in Tiki. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also ensure that your documents are standards-compliant. Keep in mind that HTML Purifier is not HTML5 compatible and may rewrite HTML5 syntax and produce unwanted results.
If you use HTML in your wiki page and it gets stripped out or rewritten, make sure your HTML is valid, or de-activate this feature. Keep in mind that HTML Purifier is not HTML5 compatible and may rewrite HTML5 syntax and produce unwanted results.
Enabled
Output should be HTML purified This activates HTML Purifier on wiki content and other outputs, to filter out potential security problems like XSS code. Keep in mind that HTML Purifier is not HTML5 compatible and may rewrite HTML5 syntax, producing unwanted results.
If you are trying to use HTML in your pages and it gets stripped out, you should make sure your HTML is valid or de-activate this feature.
Disabled
Protect all sessions with HTTPS Always redirect to HTTPS to prevent a session hijack through network sniffing.
Warning: activate only if SSL is already configured; otherwise, all users including admin will be locked out of the site
Disabled
HTTP Basic Authentication Check credentials from HTTP Basic Authentication, which is useful to allow webservices to use credentials.
Disable | SSL Only (Recommended) | Always
Disable
Prevent common passwords For improved security, prevent users from creating blacklisted passwords. Use default blacklist or create custom blacklists through Control Panel -> Log in -> Password Blacklist. Disabled
Require admin users to enter their password for some critical actions User password will be required for critical operations that can compromise the system security or stability, like adding users to the admin group Enabled
Allow sending newsletters through external clients Generate mailto links using the recipients as the BCC list.
This will expose the list if email addresses to all users allowed to send newsletters.
Disabled
Validate uploaded file content Do not trust user input and open the files to verify their content. Enabled
Allow the tiki_p_trust_input permission. Bypass user input filtering.
Note: all permissions are granted to the Admins group including this one, so if you enable this you may expose your site to XSS (Cross Site Scripting) attacks for admin users.
Disabled
Quick permission assignment Quickperms are an interface in addition to the normal edit-permissions page, for quick assignment of permissions for a page or other object. Enabled
Verify HTTPS certificates of remote servers When set to enforce, the server will fail to connect over HTTPS to a remote server that do not have a SSL certificate that is valid and can be verified against the local list of Certificate Authority (CA)
Do not enforce verification | Enforce verification
None
Use CURL for HTTP connections Use CURL instead of sockets for server to server HTTP connections, when sockets are not available. Disabled
Debugger console A popup console with a list of all PHP and Smarty variables used to render the current webpage. It can be viewed by clicking 'Quick Administration->Smarty debug window' or by appending ?show_smarty_debug=1 or &show_smarty_debug=1 to the page URL. You may also execute SQL, watch vars and perform a number of other functions.
Only viewable by admins
Not suitable for production use.
Disabled
Tiki template viewing May not be functional in Tiki 14+ Disabled
Edit templates May not be functional in Tiki 14+ Disabled
Edit CSS Edit CSS files directly in the browser.
May not be functional in Tiki 14+
Disabled
User encryption Tiki user encryption enables a personal, secure storage of sensitive data, e.g. password. Only the user can see the data. No decryption passwords are stored.
Enable personal, secure storage of sensitive data such as passwords
This is an experimental feature. Using it may cause loss of the encrypted data.
Disabled
Password domains Securely store extra user passwords and other user specific data for other "domains", or just for yourself Userkey
Use short lived CSRF tokens CSRF tokens generated will be valid for one use only and will have a limited life span
Changing the CSRF tokens to be short lived may lead to an increase of errors on submitting information when the users take a long time to finish an operation or the session is lost.
Disabled
Security timeout Sets the expiration of CSRF tickets and related forms. The session_lifetime preference is used for the default, if set, otherwise the session.gc_maxlifetime php.ini setting is used, subject to a default maximum of four hours in any case.
Minimum value is 30 seconds to avoid blocking everyone from being able to make any changes, including to this setting
14400 seconds
Require confirmation of an action if a possible CSRF is detected Disabled
HTTP header x-frame options The x-frame-options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame>, <iframe> or <object> Enabled
Header value DENY | SAMEORIGIN DENY
HTTP header x-xss-protection The x-xss-protection header is designed to enable the cross-site scripting (XSS) filter built into modern web browsers Enabled
Header value 0 | 1 | 1;mode=block 1;mode=block
HTTP header x-content-type-options The x-content-type-options header is a marker used by the server to indicate that the MIME types advertised in the Content-Type headers should not be changed and be followed. Enabled
HTTP header content-security-policy The Content-Security-Policy header allows web site administrators to control resources the user agent is allowed to load for a given page. Enabled
Header value For example, to allow your Tiki to appear in an iframe on example.com set this value to frame-ancestors https://example.com/ None
HTTP header strict-transport-security The Strict-Transport-Security header (often abbreviated as HSTS) is a security feature that lets a web site tell browsers that it should only be communicated with using HTTPS, instead of using HTTP. Enabled
Header value None
HTTP header public-key-pins The public-key-pins header associates a specific cryptographic public key with a certain web server to decrease the risk of MITM attacks with forged certificates. If one or several keys are pinned and none of them are used by the server, the browser will not accept the response as legitimate, and will not display it. Enabled
Header value None


Security - OpenPGP

Option Description Default
PGP/MIME encrypted email messaging Use OpenPGP PGP/MIME-compliant encrypted email messaging. All email messaging, notifications, and newsletters are sent as PGP/MIME-encrypted messages, signed with the signer key, and are completely opaque to outsiders. All user accounts need to be properly configured in a gnupg keyring with public keys associated with their tiki-account-related email addresses.
Enable only if gpg, keyring, and tikiaccounts are properly configured for PGP/MIME functionality. NOTE: Requires that all accounts have their public-keys configured into gnupg-keyring, so do not allow non-administred registrations (or e.g. non-configured emails for newsletters etc) to site if this feature turned on.
Disabled
Path to gnupg keyring Full directory path to gnupg keyring (default /home/www/.gnupg/ ). The directory, related subdirectories (e.g., a subdirectory 'signer'), and files must have proper permissions for tiki to access/read the directories/files, and create/delete necessary temporary workfiles there. /home/www/.gnupg/
Path to gpg executable Full path to gpg executable. /usr/bin/gpg
Read signer pass phrase from prefs or from a file Read GnuPG signer pass phrase from preferences or from a file (default is 'file' ). With file option, configure other preference for the full path including the filename of the file containing the GnuPG signer private-key pass phrase.
preferences | file
Preferences
Signer pass phrase GnuPG signer private-key passphrase. Define pass phrase either here or in a signer pass phrase file.
leave empty if read from file
None
Path to signer pass phrase filename Full path including the filename of the file containing the GnuPG signer private-key pass phrase. The directory and file must have proper permissions for tiki to access/read the signer pass phrase file. /home/www/.gnupg/signer/sig...


Security - Search results

Error: Cant find security-searchresults you may choose from one of the following:
ads-activatethefeature
ads-plugins
ads-siteadsandbanners
ads
articles-articleslistingandview-articleview
articles-articleslistingandview-listarticles
articles-articleslistingandview
articles-generalsettings-activatethefeature
articles-generalsettings-features
articles-generalsettings-plugins
articles-generalsettings-sharingonsocialnetworks
articles-generalsettings
blogs-blogslistings-itemstodisplay
blogs-blogslistings
blogs-generalsettings-activatethefeature
blogs-generalsettings-comments
blogs-generalsettings-features
blogs-generalsettings-plugins
blogs-generalsettings-sharingonsocialnetworks
blogs-generalsettings
calendar-activatethefeature
calendar-generalsettings
calendar-plugins
calendar
category-activatethefeature
category-categoryobjects
category-features
category-forum
category-inlineplugins
category-performance
category-plugins
category-poll
category-structure
category-theme
category-tracker
category-wiki
category
comments-annotations
comments-displayoptions
comments-sitewidefeatures
comments-usingcommentsinvariousfeatures
comments
community-communityfeatures-additionaloptions
community-communityfeatures-community
community-communityfeatures
community-plugins
community-socialinteraction-activitystream
community-socialinteraction-friendshipandfollowers
community-socialinteraction-goalrecognitionandrewards
community-socialinteraction-score
community-socialinteraction-selectwhichitemstodisplaywhenlistingusers
community-socialinteraction
connect-jitsi-jitsi
connect-jitsi
connect-settings-tikiconnect
connect-settings
copyright-activatethefeature
copyright-features
copyright
directory-activatethefeature
directory-directory
directory
faqs-activatethefeature
faqs-settings
faqs
features-globalfeatures-3
features-globalfeatures-4
features-globalfeatures-additionalfeatures
features-globalfeatures-administrativefeatures
features-globalfeatures-interactionwithonlineservicesorothersoftware
features-globalfeatures-mailandsharing
features-globalfeatures-mainfeatures
features-globalfeatures-paymentandaccounting
features-globalfeatures-progressivewebapp
features-globalfeatures-secondaryfeatures
features-globalfeatures
features-interface-elementplus
features-interface-experimental
features-interface-jquerypluginsandaddons
features-interface
features-programmer-customcode
features-programmer-loggingandreporting
features-programmer
fgal-adminlistings-0
fgal-adminlistings
fgal-enhancements-access
fgal-enhancements-draw
fgal-enhancements-h5p
fgal-enhancements-scorm
fgal-enhancements-vimeo
fgal-enhancements
fgal-generalsettings-activatethefeature
fgal-generalsettings-features
fgal-generalsettings-quota
fgal-generalsettings-settingsfordiagrams
fgal-generalsettings-settingsformediaalchemyst
fgal-generalsettings-settingsforrecordrtc
fgal-generalsettings-uploadregex
fgal-generalsettings
fgal-listings
fgal-plugins-plugins
fgal-plugins
fgal-searchindexing
forums-forumlisting
forums-generalsettings-activatethefeature
forums-generalsettings-features
forums-generalsettings-searches
forums-generalsettings-threads
forums-generalsettings
freetags-activatethefeature
freetags-plugins
freetags-tags
freetags-tagsearchpage
freetags
general-dateandtime-datetimeselectors
general-dateandtime-timezoneandformat
general-dateandtime
general-generalpreferences-errortracking
general-generalpreferences-loggingandreporting
general-generalpreferences-mail
general-generalpreferences-newsletter
general-generalpreferences-schedulersettings
general-generalpreferences-siteidentity
general-generalpreferences-webcron
general-generalpreferences
general-generalsettings-contact
general-generalsettings-help
general-generalsettings-multidomain
general-generalsettings-server
general-generalsettings-sessions
general-generalsettings-siteterminal
general-generalsettings-stats
general-generalsettings-termsandconditions
general-generalsettings
general-navigation-breadcrumbs
general-navigation-homepage
general-navigation-menus
general-navigation-namespace
general-navigation-redirects
general-navigation-siteaccess
general-navigation-sitemapprotocol
general-navigation-user
general-navigation
i18n
intertiki-intertikiclient-activatethefeature
intertiki-intertikiclient-clientserversettings
intertiki-intertikiclient-currentlylinkedmasterserver
intertiki-intertikiclient
intertiki-intertikimasterserver-activatethefeature
intertiki-intertikimasterserver-masterserversettings
intertiki-intertikimasterserver
login-cas-cascentralauthenticationservice
login-cas-casserver
login-cas
login-generalpreferences-captcha
login-generalpreferences-cookies
login-generalpreferences-password
login-generalpreferences-registration
login-generalpreferences-username
login-generalpreferences
login-ldap-ldapadmin
login-ldap-ldapbindsettings
login-ldap-ldapuser
login-ldap-warning
login-ldap
login-ldapexternalgroups-ldapadmin
login-ldapexternalgroups-ldapbindsettings
login-ldapexternalgroups-ldapexternalgroups
login-ldapexternalgroups-ldapgroup
login-ldapexternalgroups-ldapgroupmemberifgroupmembershipcanbefoundingroupattributes
login-ldapexternalgroups-ldapuser
login-ldapexternalgroups-ldapusergroupifgroupmembershipcanbefoundinuserattributes
login-ldapexternalgroups
login-oauthserversettings-0
login-oauthserversettings
login-openidconnect-0
login-openidconnect
login-pam-pam
login-pam
login-passwordblacklist-password
login-passwordblacklist
login-phpbb-phpbb
login-phpbb
login-remotetikiautologin-warning
login-remotetikiautologin
login-saml2-advancedsettings
login-saml2-attributemapping
login-saml2-groupmapping
login-saml2-identityprovidersettings
login-saml2-options
login-saml2-saml2
login-saml2
login-shibboleth-shibboleth
login-shibboleth
login-webserver-webserver
login-webserver
look-customization-customcode
look-customization-editing
look-customization
look-layout-logo
look-layout-modulezonevisibility
look-layout-sitereportbar
look-layout-title
look-layout
look-miscellaneous-contextmenus
look-miscellaneous-favicons
look-miscellaneous-responsiveimages
look-miscellaneous-separators
look-miscellaneous-tabs
look-miscellaneous
look-pagination
look-shadowlayer
look-theme
look-uieffects-other
look-uieffects-standarduieffects
look-uieffects-tabuieffects
look-uieffects
maps-defaults
maps-settings
maps
mautic-credentials
mautic-mainsettings
mautic
messages-activatethefeature
messages-settings
messages
metatags-geometatags
metatags-metatags-facebook
metatags-metatags-general
metatags-metatags-twitter
metatags-metatags
metatags-robots
module-crumbscrumbdescription
module-modulezonevisibility
module
payment-advancedshoppingcart-advancedcarttrackernamessetup
payment-advancedshoppingcart-cartsettings
payment-advancedshoppingcart-features
payment-advancedshoppingcart-productstrackersetup
payment-advancedshoppingcart
payment-payment-0
payment-payment
payment-plugins-plugins
payment-plugins
payment-shipping
performance-database
performance-majorslowdown
performance-memcache
performance-monitor
performance-newsletter
performance-performance
performance-plugins
performance-redis
performance-sessions
performance-timeandmemorylimits
performance-wiki
polls-polls-activatethefeature
polls-polls-plugins
polls-polls-settings
polls-polls
polls-surveys-1
polls-surveys-activatethefeature
polls-surveys
print-articles
print-otherfeatures
print-pdfsettings
print-wikiprintversion
print
profiles-advanced-repositorystatus
profiles-advanced
rating-advanced
rating-articles
rating-comments
rating-defaultoptions
rating-globalconfiguration
rating-trackers
rating-userinterface
rating-wiki
rating
rss-feeds
rss-generalpreferences
rss-incomingfeeds
rtc-bigbluebutton
rtc-xmpp
score-activatethefeature
score-causescoresolderthanacertainnumberofdaystoexpire
score
search-federatedsearch
search-generalsettings-features
search-generalsettings-filegalleriessearches
search-generalsettings-forumsearches
search-generalsettings-search
search-generalsettings
search-searchresults-informationtodisplayforeachresult
search-searchresults-itemstodisplayinsearchresults
search-searchresults
search-storedsearch
security-api
security-generalsecurity-csrfsecurity
security-generalsecurity-httpheaders
security-generalsecurity-smartyandfeaturessecurity
security-generalsecurity-userencryption
security-generalsecurity
security-openpgp-openpgpfunctionalityforpgpmimeencryptedemailmessaging
security-openpgp
security-siteaccess
security-spamprotection-captcha
security-spamprotection
security-tokens
security-webhooks
sefurl-activatethefeature
sefurl-settings
sefurl
semantic-activatethefeature
semantic
share-activatethefeature
share-sitewidefeatures
share
socialnetworks-bit
socialnetworks-general
socialnetworks-legacyintegrations-facebook
socialnetworks-legacyintegrations-linkedin
socialnetworks-legacyintegrations-warning
socialnetworks-legacyintegrations
socialnetworks-sharethis
stats-googleanalytics-0
stats-googleanalytics
stats-piwikanalytics-0
stats-piwikanalytics
stats-tikistatistics-0
stats-tikistatistics
textarea-generalsettings-defaultsize
textarea-generalsettings-externallinksandimages
textarea-generalsettings-features
textarea-generalsettings-markdown
textarea-generalsettings-miscellaneous
textarea-generalsettings-plugins
textarea-generalsettings-typography
textarea-generalsettings-wikisyntax
textarea-generalsettings
textarea-plugins-editpluginicons
textarea-plugins-filter
textarea-plugins-pluginpreferences
textarea-plugins-plugins
textarea-plugins
trackers-plugins-0
trackers-plugins
trackers-settings-activatethefeature
trackers-settings-fieldsettings
trackers-settings-linkedwikipages
trackers-settings-trackerattachmentpreferences
trackers-settings-trackerforcefillfeature
trackers-settings-trackersettings
trackers-settings
trackers-systemtrackers-systemtrackers
trackers-systemtrackers
user-messagingandnotifications-messages
user-messagingandnotifications-usernotifications
user-messagingandnotifications
user-userfeatures-useraccountfeatures
user-userfeatures
user-userfiles-activatethefeature
user-userfiles-settings
user-userfiles
user-userinfoandpicture-profilepicture
user-userinfoandpicture-userinformationdisplay
user-userinfoandpicture
user-usersettings-adminuserpreferences
user-usersettings-defaultuserpreferences
user-usersettings
video-kaltura-activatethefeature
video-kaltura-enablerelatedtrackerfieldtypes
video-kaltura-kalturadynamicplayer
video-kaltura-kalturapartnersettings
video-kaltura-kalturatikiconfig
video-kaltura-legacysupport
video-kaltura-plugintoembedinpages
video-kaltura
webservices-activatethefeature
webservices-options
webservices
wiki-features-attachments
wiki-features-comments
wiki-features-generalfeatures
wiki-features-namespaces
wiki-features-redirectandsimilar
wiki-features-structures
wiki-features-wikiwatch
wiki-features-wikiwordsfeatures
wiki-features
wiki-flaggedrevision-0
wiki-flaggedrevision
wiki-generalpreferences-activatethefeature
wiki-generalpreferences-automatictableofcontents
wiki-generalpreferences-editing
wiki-generalpreferences-pagedisplay
wiki-generalpreferences-pagename
wiki-generalpreferences-plugins
wiki-generalpreferences
wiki-pagelistings-configuration
wiki-pagelistings-options
wiki-pagelistings
workspace-areas-activatethefeature
workspace-areas
workspace-workspaces-activatethefeature
workspace-workspaces-advanced
workspace-workspaces-dependencies
workspace-workspaces
wysiwyg-activatethefeature
wysiwyg-legacyckeditorwysiwyg
wysiwyg-markdowntoastuiwysiwyg
wysiwyg-relatedfeatures
wysiwyg-wysiwygeditorfeatures
wysiwyg

Security - Site access

Option Description Default
Close site Use this setting to "close" the Tiki site (such as for maintenance). Users attempting to access the site will see only a log-in form. Only users with specific permission will be allowed to log in. Use the Message to display to specify the message that visitors will see when attempting to access your site. Disabled
Title Coming soon
Message Site is closed for maintena...
Close site when server load is above the threshold Use this option to "close" the Tiki site when the server load exceeds a specific threshold. Only users with specific permission will be allowed to log in. Use "Maximum average server load threshold in the last minute" to define the maximum server load. Use the "Message to display" to specify the message that visitors will see when attempting to access the site. Disabled
Maximum average server load threshold in the last minute 3
Site Busy Title Server too busy
Site Busy Message Server is currently too bus...
Enable intrusion detection system An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Disabled
Custom rules file temp/ids_custom_rules.json
Intrusion detection system mode Define IDS operation mode, log only, or log and block with impact over a given threshold.
Log only | Log and block requests
Log only
Intrusion detection system threshold Define IDS threshold, when configured in "Log and block requests" more. 0
Log to file ids.log
Log to database Disabled


Security - Spam protection

Option Description Default
Anonymous editors must enter anti-bot code (CAPTCHA) Use CAPTCHA to ensure that anonymous input is from a person. Enabled
CAPTCHA image word length Number of characters the CAPTCHA will display.
2 | 4 | 6 | 8 | 10
6 characters
CAPTCHA image width Width of the CAPTCHA image in pixels. 180 pixels
CAPTCHA image noise Level of noise of the CAPTCHA image.
Choose a smaller number for less noise and easier reading.
100
Use reCAPTCHA Use reCAPTCHA, a specialized captcha service, instead of default CAPTCHA
You will need to register at http://www.google.com/recaptcha
Disabled
Site key reCAPTCHA public key obtained after registering. None
Secret key reCAPTCHA private key obtained after registering. None
reCAPTCHA theme Choose a theme for the reCAPTCHA widget.
Clean | Black Glass | Red | White
Clean
Version reCAPTCHA version.
1.0 | 2.0 | 3.0
2.0
CAPTCHA questions Requires anonymous visitors to enter the answer to a question. Disabled
CAPTCHA questions and answers Add some simple questions that only humans should be able to answer, in the format: "Question?: Answer" with one per line
One question per line with a colon separating the question and answer
None
Protect email against spam Protect email against spam submissions.
Protect email against spam currently does not operate in pages edited in WYSIWYG mode (Tiki 6.1)
Enabled
Add "rel=nofollow" to external links Nofollow is used to instruct some search engines that the link should not influence the ranking of the link's target in the search engine's index. Disabled
Banning system Deny access to specific users based on username, IP, and date/time range. Disabled
Ban usernames and emails Banning rules use both email and username to match rules. Disabled
Attempts number Number of attempts user is allowed to login incorrectly before banning them from further attempts. 5
Banning system The duration of the incorrect login attempts ban in minutes. 30
Comments moderation Enables the admin or other authorized group member to validate comments before they are visible Disabled
Use Akismet to filter comments Prevent comment spam by using the Akismet service to determine if the comment is spam. If comment moderation is enabled, Akismet will indicate if the comment is to be moderated or not. If there is no comment moderation, the comment will be rejected if considered to be spam. Disabled
Akismet API Key Key required for the Akismet comment spam prevention.
Obtain this key by registering your site at http://akismet.com
None
Filter spam for registered users Activate spam filtering for registered users as well. Useful if your site allows anyone to register without screening. Disabled
Require passcode to register Users must enter an alphanumeric code to register. The site administrator must inform users of this code. This is to restrict registration to invited users. Disabled
Passcode Alphanumeric code required to complete the registration None
Show passcode on registration form Displays the required passcode on the registration form. This is helpful for legitimate users who want to register while making it difficult for automated robots because the passcode is unique for each site and because it is displayed in JavaScript. Disabled
Registration page key To register, users need to go to, for example: tiki-register.php?key=yourregistrationkeyvalue
Key required to be on included the URL to access the registration page (if not empty).
None


Security - Tokens

Option Description Default
Token access With the presentation of a token, allow access to the content with elevated rights. The primary use of this authentication method is to grant temporary access to content to an external service. Disabled
Token access default timeout The default duration for which the generated tokens will be valid. 604800 seconds
Token access default maximum hits The default maximum number of times a token can be used before it expires. 10 hits
Share access rights with friends when using Share Allow users to share their access rights for the current page with a friend when sending the link by email, Twitter, or Facebook. The lifespan of the link is defined by the site. Disabled
Do not delete temporary users when token is deleted/expired Normally temporary users created (see tiki-adminusers.php) are deleted when their access token is deleted/expired. If turned on, this will keep those users around (and can be manually deleted later) but they will have no groups and therefore no perms Disabled


Security - SEFURL

Option Description Default
Search engine friendly URL If the site is using Apache, you can rename _htaccess as .htaccess to use short URLs. On IIS, rename web_config as web.config Disabled
Canonical URL tag Indicates to search engines which URL to use, to prevent duplicate listings Enabled
HTTPS for user-specific links When building notification emails, RSS feeds, the canonical URL or other externally available links, use HTTPS when the content applies to a specific user. HTTPS must be configured on the server. Disabled
Canonical URL domain If this is a testing site with duplicate content, you may want to put the real site domain here so search engines don't index the testing site. In complex perspective setups using multiple domains, you may want more control on which canonical domain is advertised. None
Wiki URL scheme Alter the SEFURL pattern for page names.
Use the "View" action to regenerate your URLs after changing this setting.
Replace spaces with dashes | Replace spaces with underscores | URL Encode (Tiki Classic)
Replace spaces with dashes
Custom Routes Custom routes allow the definition of URLs by the admin, that can be mapped to existing Tiki objects like pages and trackers. "Add BASE tag in the page HEAD" is required when you have "/" as part of the URL. Enabled
Short URL Provides the ability to create a short url, easy to share. Disabled
Short URL base URL The base URL that is used when generating short URLs, including the HTTP prefix, example: "http://www.example.com". By default will use the URL of the current website. None
SEFURL postfilter Do not enable this feature as most Tiki features output friendly URLs and this feature has high processor overhead. Disabled
Max size of title in the search engine friendly URL (Tracker Items and Forum Threads) Limit the number of characters in the tracker item or forum thread title. 200
Article title in SEFURL The article title rather than article number can be displayed in the search engine friendly URL. Enabled
Blog title in SEFURL The blog title rather than blog number can be displayed in the search engine friendly URL. Enabled
Display forum thread or forum post title in the search engine friendly URL Enabled
Tracker title in SEFURL To display the title, you should disable `Rewrite tiki-view_tracker.php?itemId=yyy to Prefixyyy page` Enabled
Rewrite tiki-view_tracker.php?itemId=yyy to Prefixyyy page This redirection uses the wiki prefix alias feature Disabled
Use Only ASCII in SEFURLs Do not use accented characters in short (search engine friendly) URLs. Disabled
URL Frgament format Provides ability to change anchor format
Set to "Complete" to change the encoding and allow anchors to contain other characters in addition to ASCII letters and digits.
Strict | Complete
Strict
URL Fragment Guesser Scroll to the closest anchor when the one indicated in the URL is missing in a page. Disabled

List Slides